Your Counterfeit Face

Deliverability Case Study: "Your Counterfeit Face"

"Your Counterfeit Face" is the album's centerpiece — garage rock fury at maximum volume, controlled and certain. The track covers the gravest violation in The Postmaster's rulebook: spoofing. Sending mail that appears to originate from a domain you don't own is impersonation, phishing, and the most harmful act a sender can commit against the identity infrastructure that email depends on. The Postmaster doesn't explain himself here. He doesn't need to.

Here is the technical breakdown of the deliverability concepts detailed in the song:

Verse 1: Domain Impersonation — The Painted Car

"You painted your car to look like mine! / But you're driving on the wrong side of the line! / I can see your face right through the paint!"

• The Deliverability Context: "Painting the car to look like mine" describes display name spoofing or lookalike domain spoofing — using a display name, domain name, or visual element that mimics a trusted brand. Examples include paypal-secure.com impersonating paypal.com, or displaying "Apple Support" in the From: display name while sending from apple-verify-id.net. The receiving infrastructure "sees through the paint" via authentication: when the claimed From: domain and the actual sending domain don't match, DMARC alignment">DMARC alignment fails, and Gmail's phishing classifier flags the message. "The wrong side of the line" is literal — spoofing crosses from spam into phishing, which triggers a different, more aggressive response from receiving infrastructure.
• How Gmail Detects It: Gmail's phishing detection is separate from spam classification. It specifically looks for authentication mismatches (DMARC alignment failures), lookalike domain patterns (homograph attacks, typosquatting), and From: display names that claim affiliation with known brands while sending from different domains.

Verse 2: Forged Sending Credentials

"You forged a key to open my door! / Walking all over my hardwood floor! / I read the ledger, I know the name! / You're playing a very dangerous game!"

• The Deliverability Context: "Forged a key" describes the technical mechanics of SMTP spoofing: a sender sets their SMTP MAIL FROM (RFC5321 envelope sender) or From: header to an address they don't control — forging the credential that authenticates the message. Before DMARC was widely deployed, this was trivially easy: the SMTP protocol has no native authentication requirement. "I read the ledger, I know the name" is DMARC working as designed: aggregate reports (rua=) show The Postmaster exactly which senders are claiming a domain and whether their authentication passes. DMARC at p=reject closes the door — forged mail is blocked before it reaches recipients.
• The Criminal Dimension: Email spoofing for the purpose of deceiving recipients into providing credentials, financial information, or system access is phishing — a federal crime under the Computer Fraud and Abuse Act (US), the Fraud Act (UK), and equivalent legislation in most jurisdictions.

Chorus: The Verdict Is DMARC

"Take off the crown! / But you ain't from this town! / Get out! Get out! Get out of my place! / Take back your counterfeit face!"

• The Deliverability Context: The chorus maps to DMARC enforcement. "You ain't from this town" is identifier alignment failure: the sending domain doesn't match the From: header domain, so DMARC alignment fails regardless of whether SPF or DKIM pass on the actual sending domain. "Get out of my place" is p=reject: the message is blocked at the receiving MTA before reaching the inbox.
• DMARC as Defense for the Spoofed Domain: A domain without DMARC enforcement can be impersonated without consequence — spoofed mail reaches recipients. Publishing DMARC at p=reject means receiving servers actively block mail that claims your domain but fails alignment. It's the only defense a legitimate sender has against their domain being weaponized.